| Title | 9Router Router 0.3.47-0.3.32 Authorization Bypass |
|---|---|
| Description | Missing Authentication on Administrative API Endpoints Leads to Full System Compromise in 9Router. 9Router applies its login boundary to `/dashboard` routes but does not enforce equivalent server-side authentication on multiple sensitive `/api/*` handlers. As a result, an unauthenticated remote attacker can directly call administrative API routes to export the full local database, list and mint API keys, retrieve provider secrets, modify application settings, trigger server-side requests to attacker-chosen destinations, and stop the service. This is a broad administrative API exposure issue with multiple concrete impacts, all reachable without a valid session token. Exploit_Poc_Repo = https://github.com/deepcat1337/Free_Api_Exploit/tree/main |
| Source | ⚠️ https://github.com/decolua/9router/issues/431 |
| User | cyberthoth (UID 28322) |
| Submission | 26/03/2026 12:05 PM (20 days ago) |
| Moderation | 08/04/2026 07:43 PM (13 days later) |
| Status | Approved |
| VulDB Entry | 356298 [decolua 9router up to 0.3.47 Administrative API Endpoint /api authorization bypass] |
| Points | 20 |